automation-suite
2023.10
false
UiPath logo, featuring letters U and I in white
Automation Suite on Linux Installation Guide
Last updated Nov 21, 2024

Step 16: Validating the prerequisites for the installation

Before starting the prerequisite validation, make sure you have downloaded the uipathctl installer to the /opt/UiPathAutomationSuite/<version> folder on all the machines, generated the cluster_config.json file, and copied the configuration file to all the machines. For instructions, see Downloading the installation packages and Generating cluster_config.json.

Overview

Before installing Automation Suite, it is good practice to validate the installation prerequisites and infrastructure readiness. You can use the validateUiPathASReadiness.sh script to evaluate your environment and generate a summary before performing the installation.

Validation

Description

Hardware requirements

Validates that each machine in the cluster meets the hardware requirements. The check takes into account the following aspects:

  • server, agent, or tainted node;
  • online or offline system;
  • single-node evaluation profile or multi-node HA-ready production profile.
  • swap memory is disabled.

Disk partitioning and configuration

Validates that you properly partitioned and configured the disk. The check takes into account the following aspects:

  • server or agent node;
  • online or offline system;
  • primary or secondary server node.

SQL Server connectivity

Validates the connectivity to the configured SQL Server and database. The check takes into account the following aspects:

  • connectivity to the SQL Server host (endpoint) on a given endpoint;
  • connectivity to the principal database if create_db is set to true;
  • create database (dbcreator) permissions if create_db is set to true;
  • create schema (db_ddladmin), read (db_datareader), and write (db_datawriter) permissions;
  • connectivity to the database when create_db is set to false;
  • special requirements for each service. For instance, for Insights, the script checks the columnstore index, json support, and whether SQL Server compatibility level is >= 130;
  • connectivity to the database and SQL Server with integrated authentication.

Server certificate

Checks that the server certificate you provided is valid. The check takes into account the following aspects:

  • the certificate file format is .pem, i.e. Base64-encoded DER certificate;
  • the private key length is at least 2048;
  • Extended Key Usage and TLS Web Server Authentication, required for accessing Automation Suite on iOS devices;
  • Subject Alternative Name for all the required DNS entries;
  • server certificate and private key match;
  • the CA bundle you provided is actually the issuer of the server certificate;
  • the certificate validity is more than 30 days;
  • the certificate is compliant on FIPS-enabled machines.

Token-signing certificate

Checks that the token-signing certificate you provided is valid. The check takes into account the following aspects:

  • the certificate is in pfx format;
  • the password for decrypting the certificate is valid;
  • the certificate validity is more than 30 days;
  • the certificate is compliant on FIPS-enabled machines.

Proxy

Validates that you properly configure the proxy. The check takes into account the following aspects:

  • https_proxy, http_proxy, and no_proxy are set as environment variables on the machine;
  • the proxy server is reachable.

Connectivity

Validates that all machines can connect to each other, that all the required URLs are on the firewall allowlist, and more. The check takes into account the following aspects:

  • the FQDN of Automation Suite and the FQDN of all the other subdomains are resolvable from the machine;
  • in an online setup, all the external URLs are reachable from the machine;
  • all servers, agents, and tainted nodes can connect to each other on the required ports;
  • the outbound connections (URLs) are resolvable via all the nameservers present in /etc/resolve.conf;
  • if any of the URLs is not resolvable via all the nameservers, then at least one nameserver can resolve all the URLs;
  • either the TCP or UDP protocol is allowed;
  • fixed_rke_address is set to port 9345 and 6443;
  • proper Redis connectivy for the provided configuration: hostname and port, credentials, and TLS configuration;
  • a response is issued when a call is made to the FQDN on port 443.

System services

Validates that system services are properly configured. The check takes into account the following aspects:

  • nm-cloud-setup.service, nm-cloud-setup.timer, firewalld are disabled;
  • iscsi-initiator-utils is installed and enabled;
  • auditd is properly configured for --backlog_wait_time set as 1;
  • logrotate is properly configured;
  • net.ipv4.conf.all.rp_filter is disabled (set to 0).

Software requirements

Validates that all the required software is installed. If some software is not installed, the install-uipath.sh installer attempts to install it.

Upgrade

Validates if the upgrade path across Automation Suite versions is correct.

Validating the machines for the installation

To validate your machines, run the following command:

./validateUiPathASReadiness.sh 
  --input /opt/UiPathAutomationSuite/cluster_config.json\
  --node-type server \ #replace with the agent while validating the agent machine.
  --machines "10.0.1.8, 10.0.1.9" #replace with actual machine IPs of all the nodes in the cluster./validateUiPathASReadiness.sh 
  --input /opt/UiPathAutomationSuite/cluster_config.json\
  --node-type server \ #replace with the agent while validating the agent machine.
  --machines "10.0.1.8, 10.0.1.9" #replace with actual machine IPs of all the nodes in the cluster
Note:
  • To validate the requirements for agent, Task Mining, GPU, or Automation Suite Robots machines, change the value of the --node-type flag from server to agent, task-mining, gpu, orasrobots, respectively.
  • If you perform a single-node installation on a single machine, remove the --machines flag. If you perform the installation on multiple machines, provide the IP address of all the machines to validate the connectivity between them.
  • Overview
  • Validating the machines for the installation

Was this page helpful?

Get The Help You Need
Learning RPA - Automation Courses
UiPath Community Forum
Uipath Logo White
Trust and Security
© 2005-2024 UiPath. All rights reserved.